More and more employees access sensitive business information (email, documents and applications) through their own devices (Bring Your Own Device or BYOD). This new trend represents a significant threat to the security of corporate data.
The concerns of the IT department
One of the functions of the IT department is to safeguard the corporate information and now that it is consumed outside the limits of the organization, the following is posed: What happens now that the data of the companies are also on the mobile devices of the companies? employees? How can IT control access to information from such devices (PCs, Tablets, Smartphones)?
But not only that, this new trend is compounded by the increase in Saas applications for which different passwords are used, causing forgotten passwords and have to call the IT department to reset or deblocate accounts is there a solution to solve the problem of using multiple passwords in applications in the cloud?
To address these concerns, Microsoft offers us Enterprise Mobility Suite: The capabilities of this tool free of work to IT departments and allows them to focus on more strategic tasks and higher value for your company.
What is the Enterprise Mobility Suite?
Enterprise Mobility Suite (EMS) is a Microsoft cloud identity and security platform designed to help manage and protect devices, applications and information.
The suite is composed of 3 cloud-based services that jointly offer companies an advanced level of protection. The services are grouped in:
Identity and access management
Azure Active Directory Premium is an identity and access management solution with a set of features that aim to protect access to local and cloud applications as well as help maintain the security of corporate data. This service includes among other features:
- Start of single session: You can manage and unify identities among multiple platforms, devices and services in the cloud (or local) to achieve a single session start. This allows employees to use a single, secure and corporate access credential to access OnPremise applications and Cloud services.
- Self-service: It offers a self-service portal through which users who forget a password or block an account can reset their passwords based on a security question or a code sent to their mobile device.
- Authentication Multifactor: Integrates a functionality that helps you prevent unauthorized access to your data in the cloud through a second authentication through a mobile App, an automated phone call or a text message.
Management of devices and mobile applications
Microsoft Intune is a service that provides complete management of devices (both mobile and PCs) along with the advanced management of corporate applications to control employee access to corporate data and prevent information leakage. Its main highlights are:
- Authorized devices: You can manage all types of devices (IOS, Android, WP and PC’s) as well as establish security policies for those who can access corporate information. With this function, both emails and documents of all kinds can only be used by devices authorized by the company and it is even possible to block the use of USB connections.
- Selective deletion of data: With this function, if a device is lost, stolen or if the employee is no longer part of the organization, administrators can delete the corporate data that was inside the device, optionally without deleting the data user’s personal
- Automated deployment of applications: It allows to install in an automated way new applications and updates of them as well as operating systems.
Protection of information
A zure Rights Management is a solution based on security policies and policies that allow you to protect your confidential information and ensure compliance and security in the cloud or local infrastructure. With Azure Rights Management you can:
- Create security policies: Both identity and authorization, such as requiring the corporate user password to work with the document, not allowing screen captures and many others all designed to prevent access to unauthorized users and ensure compliance with policies of the company.
- Set policies: To protect your files (SharePoint Online) and email (Exchange Online) in any device and with which you can apply restrictions such as not allowing copying, cutting and pasting as well as protection against document printing or downloading of files.
- Define transport rules: To encrypt outgoing email messages and decrypt incoming encrypted replies or to prevent an external recipient to the organization from performing any of these functions: access and forward the content of an email.
A cost-effective solution
EMS is the most cost-effective way to acquire all security services in the cloud while representing significant cost savings over third-party solutions. In addition, EMS is fully integrated with Office 365 services, including Exchange Online, SharePoint Online and Skype for Business, making it easier to protect native email and Word, Excel or PowerPoint files, among others.
In conclusion, Enterprise Mobility Suite is a great opportunity to enhance the mobility strategy of your company, making it a more competitive and secure company. At Softeng, as specialists in Microsoft cloud solutions we help you achieve it.
Do you want to know how you can benefit from the advantages of EMS?